Gathering detailed insights and metrics for conventional-changelog-writer
Gathering detailed insights and metrics for conventional-changelog-writer
Gathering detailed insights and metrics for conventional-changelog-writer
Gathering detailed insights and metrics for conventional-changelog-writer
@types/conventional-changelog-writer
TypeScript definitions for conventional-changelog-writer
conventional-changelog-angular
Angular preset for conventional-changelog.
conventional-changelog-conventionalcommits
Conventionalcommits.org preset for conventional-changelog.
conventional-commits-parser
Parse raw conventional commits.
Generate changelogs and release notes from a project's commit messages and metadata.
npm install conventional-changelog-writer
55.8
Supply Chain
99.5
Quality
81.7
Maintenance
100
Vulnerability
99.6
License
git-client: v1.0.1
Published on 06 May 2024
conventional-changelog: v6.0.0
Published on 03 May 2024
conventional-changelog-core: v8.0.0
Published on 03 May 2024
conventional-changelog-conventionalcommits: v8.0.0
Published on 03 May 2024
git-semver-tags: v8.0.0
Published on 03 May 2024
conventional-changelog-preset-loader: v5.0.0
Published on 03 May 2024
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
7,863 Stars
1,696 Commits
712 Forks
56 Watching
28 Branches
140 Contributors
Updated on 27 Nov 2024
TypeScript (56.39%)
JavaScript (40.81%)
Handlebars (2.8%)
Cumulative downloads
Total Downloads
Last day
-4.7%
997,204
Compared to previous day
Last week
6%
5,534,987
Compared to previous week
Last month
29.4%
20,995,588
Compared to previous month
Last year
19.4%
182,949,267
Compared to previous year
Generate a CHANGELOG from git metadata.
The conventional-changelog repo is managed as a monorepo; it's composed of many npm packages.
The original conventional-changelog/conventional-changelog
API repo can be
found in packages/conventional-changelog.
It's recommended you use the high level commit-and-tag-version library, which is a drop-in replacement for npm's version
command, handling automated version bumping, tagging and CHANGELOG generation.
Alternatively, if you'd like to move towards completely automating your release process as an output from CI/CD, consider using semantic-release.
You can also use one of the plugins if you are already using the tool:
We only support Long-Term Support versions of Node.
We specifically limit our support to LTS versions of Node, not because this package won't work on other versions, but because we have a limited amount of time, and supporting LTS offers the greatest return on that investment.
It's possible this package will work correctly on newer versions of Node. It may even be possible to use this package on older versions of Node, though that's more unlikely as we'll make every effort to take advantage of features available in the oldest LTS version we support.
As each Node LTS version reaches its end-of-life we will remove that version from the node
engines
property of our package's package.json
file. Removing a Node version is considered a breaking change and will entail the publishing of a new major version of this package. We will not accept any requests to support an end-of-life version of Node. Any merge requests or issues supporting an end-of-life version of Node will be closed.
We will accept code that allows this package to run on newer, non-LTS, versions of Node. Furthermore, we will attempt to ensure our own changes work on the latest version of Node. To help in that commitment, our continuous integration setup runs against all LTS versions of Node in addition the most recent Node release; called current.
JavaScript package managers should allow you to install this package with any version of Node, with, at most, a warning if your version of Node does not fall within the range specified by our node
engines
property. If you encounter issues installing this package, please report the issue to your package manager.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
Reason
4 existing vulnerabilities detected
Details
Reason
4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4
Reason
Found 0/6 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More